The shell script can also easily turned into something that will deliver you
the video remotely. This is useful if you have the server in the US and get
annoyed by all the "This video contains content from ****. It is not available
in your country." messages when accessing content e.g. from Germany.

I'm planning to go biking and swimming again in the summer. What bugs me about
it, is that during both activities I can't do much more than just that. I can't
work on my projects or read a book. What I could do is listen to music or to a
audio book. But what I would really like to do most is to continue reading my
Perry Rhodan books. There are audio recordings of them but unfortunately those
are edited and not a 1:1 copy of the books. But since my goal was to really
read all of the books without leaving anything out this was unacceptable.

My idea was to see how far we are in terms of text to speech synthesizers. To
increase the requirements I was looking for a good German synthesizer since the
Perry Rhodan novels are written in German. After some search I found out that
apparently a company called ivona is currently
providing the best possible solution for my problem.

But of course there were additional issues. First, this company of course
doesn't release their product for linux so I had two options: installing
windows in qemu and running their software there or seeing if I could find out
how I could find a new purpose for their online demo application.

While I was setting up an emulated Windows XP in the background I tried to
figure out how the webfrontend of ivona.com was working. After a few hours of
trial and error I got the solution which in contrast to my initial believe did
not even require any reverse engineering of flash binaries.

The X-Requested-With header is required and instead of 20, the voice POST
parameter can become 21 for a female German voice. Other numbers are for other
languages.

Interestingly enough, the 250 character limit seems to be only enforced on the
client side. As one can see with the request above it is no problem at all to
convert phrases with more characters as well. Instead the server will just stop
converting at a random point. It will be around 23-26 seconds of speech or
180-200 KB. But maybe this is useful anyways for somebody.

In my quest to minimize the external third party services I rely on in my daily
life, I stumbled over dudle which is an
online poll system like doodle only better :)

The problems with giving your availability for a meeting or preferences over a
subject to third party services like doodle are obviously the entailed privacy
issues. Since I thought that doing stuff like a simple poll can also be handled
by software running on my machine I firstly just wanted something like doodle
running on one of my servers. This way, whenever me or anybody else would vote,
they would no longer be depending on trusting someone like doodle but they
would only have to trust me, who I own the server. (and hopefully they trust me
more than a unknown money making instance)

But one can do even better than that! Benjamin
Kellermann implemented an
online poll platform where the availability or preferences of the participants
are not even known by the server itself (nor by the other participants) and
only when everybody voted a sum of all the votes can be calculated to decide
for a timeslot or choice of subject. Hence, the user doesn't even have to trust
the server he uses that runs dudle. All the server and the other participants
get to see are encrypted availability vectors from which nobody can infer the
original choice of options of the user. Only when combining all of them, a sum
can be calculated which represents the overall availability of all users at a
given time.

By its usage dudle is as simple as doodle. The only thing that might sound
tedious is the private key each user has to take care of after his registration
(which of course works without giving away any private detail like email) but
this is greatly solved by using a bookmarklet to enter his private key into a
poll field. I was showing the setup and what its advantages are to some non-CS
people and was very pleased by the positive responses I got. A big kudos to
Benjamin for his great work on this piece of software!

I am running thttpd on mister-muffin.de and by design it chroots into the www
directory to increase security. A result of this is, that the only cgi scripts
that can be run are statically compiled executables. Dudle is written in ruby
and uses git as the database backend. Hence I had to setup a minimal chroot
environment inside my www directory so that dynamically linked executables like
git and ruby would work. I could've bothered with compiling both statically but
was not up for the trouble (yet). A requirement of this environment was of
course that it was very small and only included stuff that was necessary for
git and ruby to run: dynamic libraries and ruby modules. Another requirement
was that there were no setuid programs that could be used by an attacker to
break out of the chroot environment by becoming root.

One way to do that would be to do a normal debootstrap including git and ruby
and then manually removing everything that was not needed. It turned out that a
normal debootstrap creates lots of overhead in retrieving lots of things that
are not needed anyways and result in also having to delete lots of things
afterwards, which is not worth the hassle.

My idea was to retrieve the git and ruby debian packages and all its
dependencies and all the dependencies of those recursively and then just
extract those packages into a directory. Since I didnt want to do the
dependency resolution manually I let myself be inspired by multistrap and used
apt to do that. Using apt for this task (as well as for multistrap) is possible
because one can specify a custom target directory for apt in the commandline.

Since my final setup did not contain /bin/sh which ruby needed to call git, I
had to patch dudle. I also proposed a way to get rid of the htdigest dependency
to Benjamin and he included that and my /bin/sh patch into dudle. ☺

#!/bin/sh -ex

# check for fakerootif["$LOGNAME"="root"]\||["$USER"="root"]\||["$USERNAME"="root"]\||["$SUDO_COMMAND" !=""]\||["$SUDO_USER" !=""]\||["$SUDO_UID" !=""]\||["$SUDO_GID" !=""];thenecho"don't run this script as root - there is no need to"exitfi